Forum Discussion
Hi Pete, thanks for your reply. From the link you posted, i see that this expression was said to be useful in the variable assign block which is in the VPE of the access per request policy. Is it possible to use this same expression the per session policy for the advanced resource assign expression box? Secondly, while using this expression to specify groups, is there any where in the SP, IDP connector settings of the SAML that i have to specify this attirbute value in the expression you posted. I am asking because i have seen a box in the IDP connector settings named identity attribute location and i wouldnt know what is required in that box in the idp connector setting.
I am using APM to present a portal access of published applications to authenticated users. Users that will be authenticated with my existing azure AD service and with the existing MFA. Such that once i am authenticated, i see only the portal applications i am expected to see and not more and i can click on those applications without needing a reauthentication to them because of SSO configuration attached to the setup